DNS Best Practices
February 2017 • Podcast
In this podcast, Mark Langston discusses best practices for designing a secure, reliable DNS infrastructure.
“One of the interesting things that I’ve seen over time is that many people, usually for performance reasons, will disable logging on their name servers. It is unfortunate because DNS logging is one of the primary ways you would notice somebody doing something untoward with your DNS infrastructure.”
Software Engineering Institute
The Domain Name System (DNS) is an essential component of the Internet, a virtual phone book of names and numbers, but we rarely think about it until something goes wrong. DNS also serves as the backbone for other services critical to organizations including email, external web access, file sharing and voice over IP (VoIP). There are steps, however, that network administrators can take to ensure the security and resilience of their DNS infrastructure and avoid security pitfalls. In this podcast, Mark Langston discusses best practices for designing a secure, reliable DNS infrastructure.
About the Speaker
Mark Langston is a member of the technical staff and the Situational Awareness team in SEI’s CERT Division. His primary focus is adapting real-world operational concerns and current attacker tools, techniques, and procedures to the research and development of new analytic techniques for network defense. Prior to joining CERT, Mark worked in the computer and security industry for more than 20 years, in positions ranging from systems administrator, to consultant, to software developer, to executive.